Bahamas Banks Urged to Implement Industry Best Practices for Financial Institution Security
In light of growing concerns over cyber threats and data breaches, financial institutions in the Bahamas are being urged to implement robust security measures to protect their customers’ sensitive information.
Why Secure eBanking is Essential
A secure eBanking experience is essential for consumers who want to complete everyday banking transactions electronically. To achieve this, banks must adhere to industry best practices for internet security.
Security Measures Every Bank Should Have in Place
Financial institutions in the Bahamas should implement the following security controls:
- Two-Factor Authentication: Verify customer identities through a visual validation process that confirms the website’s authenticity.
- Secure Firewalls and Remote Access Connections: Implement stringent controls over remote access protocols to prevent unauthorized access.
- Internal Access and Control Procedures: Adhere to industry standard administrative access and control procedures for internal management of infrastructure.
- Password Encryption: Encrypt passwords during storage and transmission using robust industry-standard algorithms.
- Lockout Mechanism: Implement online account lockout mechanisms after three unsuccessful attempts to prevent brute-force attacks.
- Timeout: Automatically expire user sessions if there is no activity for more than 10 minutes.
- 24/7 Monitoring: Continuously monitor access and use of systems to ensure compliance with defined security rules and protocols.
- Security Audits and Reviews: Regularly conduct third-party security audits and reviews to validate that systems meet the standard controls required by industry best practice.
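The lockout and timeout items above, sketched as an added example (not code from the article or from any bank's system): an account locks after three consecutive failed logins, and a session expires after more than 10 minutes without activity. The `LoginGuard` class, its method names, the in-memory storage, the salted PBKDF2 password check and the `unlock` step are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3       # from the list: lock after three unsuccessful attempts
IDLE_LIMIT = 10 * 60   # from the list: expire after more than 10 minutes idle (seconds)

def _hash(password, salt):
    # Assumption: salted PBKDF2-HMAC-SHA256 for stored password verifiers
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class LoginGuard:
    """Hypothetical in-memory guard; a real system would persist this state."""
    def __init__(self):
        self.users = {}      # username -> (salt, password hash)
        self.failures = {}   # username -> consecutive failed attempts
        self.sessions = {}   # token -> [username, time of last activity]

    def register(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, _hash(password, salt))

    def login(self, user, password, now):
        """Return a session token, or None if rejected or locked out."""
        if self.failures.get(user, 0) >= MAX_FAILURES:
            return None      # locked: even the correct password is refused
        # Unknown users take the same code path, so responses do not reveal them
        salt, stored = self.users.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(_hash(password, salt), stored):
            self.failures[user] = self.failures.get(user, 0) + 1
            return None
        self.failures[user] = 0
        token = os.urandom(16).hex()
        self.sessions[token] = [user, now]
        return token

    def touch(self, token, now):
        """Check a request's session; expire it if idle longer than the limit."""
        entry = self.sessions.get(token)
        if entry is None:
            return False
        if now - entry[1] > IDLE_LIMIT:
            del self.sessions[token]
            return False
        entry[1] = now       # activity resets the idle timer
        return True

    def unlock(self, user):
        """Administrative reset after out-of-band verification (assumption)."""
        self.failures[user] = 0
```

Times are passed in as seconds so the policy can be exercised without waiting; a deployment would pass the server clock and keep counters and sessions in shared storage.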
Additional Measures to Enhance Security
Banks in the Bahamas should also consider implementing additional measures, such as:
- Additional Authentication: Prompt customers for Authorisation PINs (secondary passwords) for sensitive online banking transactions.
- Date/Time Stamp: Display the date and time of customer visits on the landing page to detect unauthorized account access.
- Free eNotifier Service: Offer timely account-activity reminders and alerts to customers through email or SMS text messages.
Conclusion
By implementing these security measures, financial institutions in the Bahamas can provide their customers with a secure and convenient eBanking experience that meets industry best practices.